5603 matches found
The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c.
...
Das U-Boot 缓冲区错误漏洞
Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A security vulnerability exists in Das U-Boot version 2022.07-rc5 and earlier versions, which stems from...
Debian DLA-3060-1 : blender - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3060 advisory. Several issues have been found in blender, a very fast and versatile 3D modeller/renderer. CVE-2022-0546 An out-of-bounds heap access due to missing checks in the...
The vulnerability of the Tiff_Loader.dll library, a tool for 3D JT JT2Go viewing and Teamcenter Visualization lifecycle management system, allows a hacker to trigger a service failure.
The vulnerability of the TiffLoader.dll library, used by 3D JT and JT2Go visualization tools, as well as the Teamcenter Visualization lifecycle management system, stems from a cycle that requires an unavailable exit condition during syntax analysis of TIFF files. Exploiting this vulnerability can...
Nim-Loader - WIP Shellcode Loader In Nim With EDR Evasion Techniques
a very rough work-in-progress adventure into learning nim by cobbling resources together to create a shellcode loader that implements common EDR/AV evasion techniques. This is a mess and is forresearch purposes only! Please don't expect it to compile and run without your own modifications...
Malicious Package
Overview shared-ini-file-loader is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
Chinese Hackers Distributing SMS Bomber Tool with Malware Hidden Inside
A threat cluster with ties to a hacking group called Tropic Trooper has been spotted using a previously undocumented malware coded in Nim language to strike targets as part of a newly discovered campaign. The novel loader, dubbed Nimbda, is "bundled with a Chinese language greyware 'SMS Bomber'...
Malicious code in vue-loader-v15 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f28d64bd6925b4cc89a968db2ede4f3f5a9af6ca2bff1509ced13eb5aaafdf65 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6993 Malicious code in vue-loader-v15 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f28d64bd6925b4cc89a968db2ede4f3f5a9af6ca2bff1509ced13eb5aaafdf65 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @highspot/closure-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware beb6d824b67d53a5bf5bddee8756a88d6bc20bdd981f4ab69a357a67ee742de0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-332 Malicious code in @highspot/closure-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware beb6d824b67d53a5bf5bddee8756a88d6bc20bdd981f4ab69a357a67ee742de0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in vue-loader-3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b6236dec20227f77710e1c878b9c645f3a7b083d59eb6e425057f13b031fa0bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6992 Malicious code in vue-loader-3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b6236dec20227f77710e1c878b9c645f3a7b083d59eb6e425057f13b031fa0bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bender-lyaml-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2fbaacf81869019beeb1f7a87facc32857ae6a1838591eccb2e23cda314f91be Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1501 Malicious code in bender-lyaml-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2fbaacf81869019beeb1f7a87facc32857ae6a1838591eccb2e23cda314f91be Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in scale-css-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6fb2cb0dd597cbe85b6778b2a375cb19f30f3e468e0e9876e476f6e8db9bf5cc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5957 Malicious code in scale-css-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6fb2cb0dd597cbe85b6778b2a375cb19f30f3e468e0e9876e476f6e8db9bf5cc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @zohocalendar/resource-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware faab1535d62039670d3ec4cef9f0fb0bb279a2b5a0e788146a71e9d1770d3c6e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in spr-svg-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a0110f4b8f50e4633d5a315a6d446989ffe4e78d529a0d9aaa01a59d28229d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6264 Malicious code in spr-svg-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a0110f4b8f50e4633d5a315a6d446989ffe4e78d529a0d9aaa01a59d28229d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...